CVE-2025-2667
LOWDescription
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 could disclose sensitive system information about the server to a privileged user that could aid in further attacks against the system.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ibm | sterling_b2b_integrator |
| ibm | sterling_b2b_integrator |
| ibm | sterling_file_gateway |
| ibm | sterling_file_gateway |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-2667? +
How severe is CVE-2025-2667? +
What products are affected by CVE-2025-2667? +
How do I check if I'm vulnerable to CVE-2025-2667? +
Related Vulnerabilities
Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere …
A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs …
An Exposure of Sensitive System Information to an Unauthorized Control Sphere and Initialization of a Resource with an Insecure Default …
SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope. Prior …
The affected products could allow an unauthenticated attacker to access system information that could enable further access to sensitive files …
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability …